MyHostingPartner.com
Webhosting | Hosting - My Hosting PartnerWebhosting | Hosting - My Hosting PartnerWebhosting | Hosting - My Hosting PartnerWebhosting | Hosting - My Hosting Partner

Error in WordPress plug-in opened up more than 30,000 sites to hackers

  1. Home | 
  2. Blog | 
  3. Security | 
  4. Error in WordPress plug-in opened up more than 30,000 sites to hackers
Error in WordPress plug-in opened up more than 30,000 sites to hackers
MijnHostingPartner

Error in WordPress plug-in opened up more than 30,000 sites to hackers

If you have been using WordPress for a long time, you probably already know that you should be careful with certain plug-ins.Every plug-in can be an entry for malicious users. Last week a well-known plug-in called Yellow Pencil was removed by WordPress itself.The reason for this was that there was a flaw in the security which allowed a malicious user to perform actions as an admin.This means that they can modify your entire website and possibly kill it. The plug-in was removed on Monday, April 15 by WordPress.

Does this affect me?

If you are using WordPress hosting this is a bit of a shock, but it only affects you if you are using this plug-in.When you are using this plug-in it is of course advisable to remove it, however this does not directly solve the problem.Since you could log in as administrator on the website it is also advisable to change your admin password, you can do this in the database.

You then log in with your database data, if you don't know this you can find it in your wp-config.php file which contains your database data.Once you are logged in, look for the table with the name wp_users, then look for your admin account and click on edit.You will see your password, enter your new password here, do not forget to check MD5, click on start and then you have your admin password reset.

Of course it is also possible that you still want to use the plug-in this is possible however it is not recommended.There is also an update for the plug-in that closes this leak.You can easily install this update by first deactivating and removing the old plug-in and then downloading and installing the new version.Of course it is recommended to change your admin password after the installation, when you have done this you can use the plug-in again.

Should your website still be hacked then you can do a few things to prevent this.The most important thing is to make backups almost always, fortunately this is a process that can be done automatically by MijnHostingPartner, which saves you a lot of time.It is also advisable to regularly change your password to make it more difficult for hackers to get to your admin area.

If you have any further questions about YellowPencil you can of course always check if a chat employee is available.If there is no one on the chat then you can always create a ticket towards our helpdesk.

  • n
  • 18-04-2019